Yesterday the news hit that an organisation appeared to have hacked the command and control server for an NSA-tied hacking group, purportedly known as Equation Group. Looking at the information and tools released, Edward Snowden thinks this was a warning from a foreign nation.
Equation Group is an NSA-linked hacking collective considered by many to be one of the most advanced in the world, but that doesn't mean it's immune to having its dirty washing exposed. That's what seems to have happened in the case of this server hack, with many advanced hacking tools now being put up for auction by those claiming responsibility.
1) NSA traces and targets malware C2 servers in a practice called Counter Computer Network Exploitation, or CCNE. So do our rivals.
— Edward Snowden (@Snowden) August 16, 2016
3) This is how we steal their rivals' hacking tools and reverse-engineer them to create "fingerprints" to help us detect them in the future.
— Edward Snowden (@Snowden) August 16, 2016
According to Snowden, though, this isn't anything that new. While the rules might state that all servers be cleaned of tools after use, people are lazy, he said, which is why these hackers found tools from 2010 through 2013 on the server.
What is new though, is a group talking about it. It seems unlikely that anyone is going to hand over the million Bitcoin ransom price for these tools, so why would the hackers announce it? In Snowden's mind, this is a warning.
He suggests there could be some Russian involvement and that this warning is designed to show that proof exists that the U.S. took part in certain hacks, by linking it to the tools discovered on the server. It could be a way of forcing officials not to look too deeply into the recent hacks of the Democratic National Convention in America. If they did and started pointing fingers, this group may start to point them right back, with real evidence.
Funnily enough though, Snowden thinks that his initial document leak may have actually helped in this instance. His original story came out in mid-2013, around the time that this server appears to have stopped being used. It could be that his leak caused a migration as a precaution – even if they didn't clean house first.
You're welcome, @NSAGov. Lots of love.
— Edward Snowden (@Snowden) August 16, 2016
KitGuru Says: It would be really interesting to look at an alternate timeline where Snowden didn't flee to China/Russia and didn't leak anything. Would this leak have been even worse for the NSA?
huh, wonder when this hacker group is going to “warn” countries with state sponsored hackers that steal corporate secrets to make crap knockoffs or hack political campaigns so they can help promote the crazy. probably about the same time those countries stop abusing human rights and killing off their political rivals.
hope you enjoy russia snowden.
Already pretty well known that all countries are constantly under attack by either state sponsored or the curious few that take on hacking as a hobby. Russia has been pushing heavily into cyber espionage as well as China. They’re focused more on how to bring down infrastructure. I wouldn’t be surprised if their tactic is to take down infrastructure cybernetically first and then invade their neighbors. Take down communications, create havoc within the populace, roll right in. From the talks around Ukraine, Russia has some pretty strong jamming technology that is pretty advanced. Don’t know how legit the claim is.